40 matches found
CVE-2025-65270
Reflected cross-site scripting (XSS) vulnerability in ClinCapture EDC 3.0 and 2.2.3, allowing an unauthenticated remote attacker to execute JavaScript code in the context of the victim's browser...
PT-2025-52667
Name of the Vulnerable Software and Affected Versions: ClinCapture EDC versions 2.2.3 and 3.0 Description: A reflected cross-site scripting (XSS) issue exists that allows a remote attacker to execute JavaScript code within a user's browser. The attacker does not need to be authenticated to exploit th...
EUVD-2024-45457
Malicious code in bioql PyPI...
EUVD-2024-1371
Malicious code in bioql PyPI...
chromatrace (>=0.1.6 <=0.1.7), ddos-blocker (>=0.0.3 <=0.0.13) +21 more potentially affected by CVE-2025-59682 via django (>=5.1.0 <=5.1.12)
django PYPI version =5.1.0, =0.1.6, =0.0.3, =0.0.15, =2.7.0, =1.0.3, =0.6.2, =5.1.0, =0.2.30, =1.42.2, =1.21.0, =1.21.1.dev5 and more Source cves: CVE-2025-59682 Source advisory: SNYK:PYTHON-DJANGO-13179425...
Malicious code in @zalastax/nolb-_edc (npm)
The package @zalastax/nolb-edc was found to contain malicious code...
Malicious code in edc-ng2-select (npm)
The package edc-ng2-select was found to contain malicious code...
MAL-2025-9969 Malicious code in @zalastax/nolb-_edc (npm)
The package @zalastax/nolb-edc was found to contain malicious code...
MAL-2025-19215 Malicious code in edc-ng2-select (npm)
The package edc-ng2-select was found to contain malicious code...
CVE-2024-4536
In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the EDC Connector component (https://github.com/eclipse-edc/Connector), an attacker might obtain OAuth2 client secrets from the vault. In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, we have identified a security...
CVE-2024-51625
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in edckwt Quran Shortcode quran-shortcode allows Blind SQL Injection. This issue affects Quran Shortcode: from n/a through <= 1.5...
CVE-2024-51625
CVE-2024-51625 is a WordPress plugin issue in Quran Shortcode (EDC Team) with an SQL injection vulnerability. Connected sources confirm: affected software is Quran Shortcode versions up to 1.5 (and earlier); root cause is improper neutralization of special elements in SQL commands, leading to bli...
CVE-2024-51625 WordPress Quran Shortcode plugin <= 1.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in edckwt Quran Shortcode quran-shortcode allows Blind SQL Injection. This issue affects Quran Shortcode: from n/a through <= 1.5...
PT-2024-34768 · Unknown · Edc Team Quran Shortcode
Name of the Vulnerable Software and Affected Versions: EDC Team Quran Shortcode versions 1.5 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically an Improper Neutralization of Special Elements used in an SQL Command. This allows for Blind SQL Injection,...
django-blocklist (>=2.7.0 <=2.8.0), django-etf-api (=0.1.0) +12 more potentially affected by CVE-2024-45231 via django (>=5.1.0 <=5.1.0rc1)
django PYPI version =5.1.0, =2.7.0, =1.0.3, =0.6.2, =5.1.0, =0.2.30, =1.0.0, =0.3.19, =0.1.1, =0.91.0, =2.6.0b0, =2.6.0b2 Source cves: CVE-2024-45231 Source advisory: OSV:GHSA-RRQC-C2JX-6JGV...
django-blocklist (>=2.7.0 <=2.8.0), django-etf-api (=0.1.0) +12 more potentially affected by CVE-2024-45230 via django (>=5.1.0 <=5.1.0rc1)
django PYPI version =5.1.0, =2.7.0, =1.0.3, =0.6.2, =5.1.0, =0.2.30, =1.0.0, =0.3.19, =0.1.1, =0.91.0, =2.6.0b0, =2.6.0b2 Source cves: CVE-2024-45230 Source advisory: OSV:PYSEC-2024-102...
org.eclipse.tractusx.edc:data-encryption (=0.6.0), org.eclipse.tractusx.edc:edc-controlplane (=0.6.0) +5 more potentially affected by CVE-2024-8642 via org.eclipse.edc:transfer-data-plane (=0.5.1)
org.eclipse.edc:transfer-data-plane MAVEN version =0.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.edc:transfer-data-plane and may be impacted: - org.eclipse.tractusx.edc:data-encryption =0.6.0 -...